[MaraDNS list] Deadwood update

[wayne at tiscali]

thanx sam,

i'll keep my eyes peeled for the windows version

best regards

wayne

On 24 Apr 2012 18:52, Sam Trenholme wrote:
> I have updated Deadwood today. This will be my last MaraDNS and
> Deadwood update until late May.
>
> EasyDNS sometimes has given out packets marked "truncated" that, in
> violation of RFC1035 section 4.1.1, do not mean that "[the] message
> was truncated due to length greater than that permitted on the
> transmission channel.", but mean "our UDP server is broken, try using
> our TCP server".
>
> This in mind, I have updated Deadwood so that if we got a truncated
> packet and can not extract any useful information from the packet,
> unless Deadwood is using DNS-over-TCP, it's better to completely
> ignore the reply (when EasyDNS has had this issue, only some of their
> DNS servers have been affected).
>
> I have added a SQA test to ensure Deadwood correctly handles this
> abuse of the "truncated" DNS bit.
>
> EasyDNS: Please do not violate the DNS RFCs unless there is a
> compelling reason to do so.  Sometimes, the RFCs are wrong, such as an
> issue I describe at http://samiam.org/blog/20110722.html , but TC
> should only mean "this packet is too long to fit in a 512-bit
> DNS-over-UDP packet", *not* "our UDP server is broken right now".  Use
> "server fail" or just drop the packet.
>
> In addition, Makefile.ipv6 now works again. Keep in mind that, while
> Deadwood has IPv6 support, Deadwood with IPv6 has not been widely
> tested.
>
> It can be downloaded here:
>
>      http://www.maradns.org/deadwood/snap/
>
> I plan to work on MaraDNS/Deadwood again one day in May, after the
> 20th, unless a critical security bug is found.
>
> - Sam